Show More
@@ -1,96 +1,109 b'' | |||
|
1 | 1 | # -*- coding: utf-8 -*- |
|
2 | 2 | |
|
3 | 3 | # Copyright (C) 2012-2016 RhodeCode GmbH |
|
4 | 4 | # |
|
5 | 5 | # This program is free software: you can redistribute it and/or modify |
|
6 | 6 | # it under the terms of the GNU Affero General Public License, version 3 |
|
7 | 7 | # (only), as published by the Free Software Foundation. |
|
8 | 8 | # |
|
9 | 9 | # This program is distributed in the hope that it will be useful, |
|
10 | 10 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
11 | 11 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
12 | 12 | # GNU General Public License for more details. |
|
13 | 13 | # |
|
14 | 14 | # You should have received a copy of the GNU Affero General Public License |
|
15 | 15 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
16 | 16 | # |
|
17 | 17 | # This program is dual-licensed. If you wish to learn more about the |
|
18 | 18 | # RhodeCode Enterprise Edition, including its added features, Support services, |
|
19 | 19 | # and proprietary license terms, please see https://rhodecode.com/licenses/ |
|
20 | 20 | |
|
21 | 21 | import logging |
|
22 | import importlib | |
|
22 | 23 | |
|
23 | 24 | from pkg_resources import iter_entry_points |
|
24 | 25 | from pyramid.authentication import SessionAuthenticationPolicy |
|
25 | 26 | |
|
26 | 27 | from rhodecode.authentication.registry import AuthenticationPluginRegistry |
|
27 | 28 | from rhodecode.authentication.routes import root_factory |
|
28 | 29 | from rhodecode.authentication.routes import AuthnRootResource |
|
29 | 30 | from rhodecode.config.routing import ADMIN_PREFIX |
|
30 | 31 | from rhodecode.model.settings import SettingsModel |
|
31 | 32 | |
|
32 | 33 | log = logging.getLogger(__name__) |
|
33 | 34 | |
|
34 | 35 | |
|
35 | 36 | # TODO: Currently this is only used to discover the authentication plugins. |
|
36 | 37 | # Later on this may be used in a generic way to look up and include all kinds |
|
37 | 38 | # of supported enterprise plugins. Therefore this has to be moved and |
|
38 | 39 | # refactored to a real 'plugin look up' machinery. |
|
39 | 40 | # TODO: When refactoring this think about splitting it up into distinct |
|
40 | 41 | # discover, load and include phases. |
|
41 | 42 | def _discover_plugins(config, entry_point='enterprise.plugins1'): |
|
42 | 43 | _discovered_plugins = {} |
|
43 | 44 | |
|
44 | 45 | for ep in iter_entry_points(entry_point): |
|
45 | 46 | plugin_id = 'egg:{}#{}'.format(ep.dist.project_name, ep.name) |
|
46 | 47 | log.debug('Plugin discovered: "%s"', plugin_id) |
|
47 | 48 | module = ep.load() |
|
48 | 49 | plugin = module(plugin_id=plugin_id) |
|
49 | 50 | config.include(plugin.includeme) |
|
50 | 51 | |
|
51 | 52 | return _discovered_plugins |
|
52 | 53 | |
|
53 | 54 | |
|
54 | 55 | def _discover_legacy_plugins(config, prefix='py:'): |
|
55 | 56 | auth_plugins = SettingsModel().get_setting_by_name('auth_plugins') |
|
56 | 57 | enabled_plugins = auth_plugins.app_settings_value |
|
57 | 58 | legacy_plugins = [id_ for id_ in enabled_plugins if id_.startswith(prefix)] |
|
58 | 59 | |
|
59 |
log.debug(' |
|
|
60 | log.debug('Importing these legacy authentication plugins {}'.format( | |
|
60 | 61 | legacy_plugins)) |
|
61 | 62 | |
|
63 | for plugin_id in legacy_plugins: | |
|
64 | module_name = plugin_id.split(prefix, 1)[-1] | |
|
65 | try: | |
|
66 | log.debug('Import %s', module_name) | |
|
67 | module = importlib.import_module(module_name) | |
|
68 | plugin = module.plugin_factory(plugin_id=plugin_id) | |
|
69 | config.include(plugin.includeme) | |
|
70 | except ImportError as e: | |
|
71 | log.error( | |
|
72 | 'Error while importing legacy authentication plugin ' | |
|
73 | '"{}": {}'.format(plugin_id, e.message)) | |
|
74 | ||
|
62 | 75 | |
|
63 | 76 | def includeme(config): |
|
64 | 77 | # Set authentication policy. |
|
65 | 78 | authn_policy = SessionAuthenticationPolicy() |
|
66 | 79 | config.set_authentication_policy(authn_policy) |
|
67 | 80 | |
|
68 | 81 | # Create authentication plugin registry and add it to the pyramid registry. |
|
69 | 82 | authn_registry = AuthenticationPluginRegistry(config.get_settings()) |
|
70 | 83 | config.add_directive('add_authn_plugin', authn_registry.add_authn_plugin) |
|
71 | 84 | config.registry.registerUtility(authn_registry) |
|
72 | 85 | |
|
73 | 86 | # Create authentication traversal root resource. |
|
74 | 87 | authn_root_resource = root_factory() |
|
75 | 88 | config.add_directive('add_authn_resource', |
|
76 | 89 | authn_root_resource.add_authn_resource) |
|
77 | 90 | |
|
78 | 91 | # Add the authentication traversal route. |
|
79 | 92 | config.add_route('auth_home', |
|
80 | 93 | ADMIN_PREFIX + '/auth*traverse', |
|
81 | 94 | factory=root_factory) |
|
82 | 95 | # Add the authentication settings root views. |
|
83 | 96 | config.add_view('rhodecode.authentication.views.AuthSettingsView', |
|
84 | 97 | attr='index', |
|
85 | 98 | request_method='GET', |
|
86 | 99 | route_name='auth_home', |
|
87 | 100 | context=AuthnRootResource) |
|
88 | 101 | config.add_view('rhodecode.authentication.views.AuthSettingsView', |
|
89 | 102 | attr='auth_settings', |
|
90 | 103 | request_method='POST', |
|
91 | 104 | route_name='auth_home', |
|
92 | 105 | context=AuthnRootResource) |
|
93 | 106 | |
|
94 | 107 | # Auto discover authentication plugins and include their configuration. |
|
95 | 108 | _discover_plugins(config) |
|
96 | 109 | _discover_legacy_plugins(config) |
General Comments 0
You need to be logged in to leave comments.
Login now